From 1b61394afd1318d4c8da0845b15b0be92fa6bc99 Mon Sep 17 00:00:00 2001
From: Paul Brinkmeier <hallo@pbrinkmeier.de>
Date: Fri, 27 Jan 2023 04:59:29 +0100
Subject: [PATCH] Use vault password secret in CI

---
 .drone.yml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/.drone.yml b/.drone.yml
index 697b1f4..b56d613 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -19,11 +19,17 @@ steps:
     environment:
       SSH_KEY:
         from_secret: ssh_key
+      VAULT_PASSWORD:
+        from_secret: vault_password
     commands:
       - pip install ansible==6.4.0 > /dev/null 2> /dev/null
+
       - mkdir "$HOME/.ssh"
       - echo "$SSH_KEY" > "$HOME/.ssh/id"
       - chmod 0600 ~/.ssh/id
       - ssh-keyscan -p 2309 vmd98928.contaboserver.net > "$HOME/.ssh/known_hosts"
+
+      - echo "$VAULT_PASSWORD" > "$HOME/vault_password"
+
       - cd ansible
-      - ansible-playbook --private-key "$HOME/.ssh/id" --check playbooks/misc-all.yaml
+      - ansible-playbook --private-key "$HOME/.ssh/id" --vault-password-file "$HOME/vault_password" --check playbooks/misc-all.yaml